Security News

The warning to Putin was largely a repetition of the tough rhetoric Biden had used during their meeting in Geneva last month, when he warned that there would be consequences for continuing cyberattacks emanating from Russia. The dual prongs of the agenda show how even as Biden pledges to get tough on Russia over hacking, there's an inherent desire to avoid aggravating tensions as the administration looks for Russia to cooperate, or at least not interfere, with U.S. actions in other areas, including Syria, the Afghanistan withdrawal and climate change.

President Biden asked Russian President Putin during a phone call today to disrupt ransomware groups operating within Russia's borders behind the ongoing wave of attacks impacting the United States and other countries worldwide. "President Biden underscored the need for Russia to take action to disrupt ransomware groups operating in Russia and emphasized that he is committed to continued engagement on the broader threat posed by ransomware," a White House statement reads.

City of London Police is looking to crack down on cybercrime with the purchase of "Next-generation IT services" in the hopes it will beef up the systems supporting Action Fraud and the National Fraud Intelligence Bureau. Action Fraud - founded in 2006 - is the UK's national reporting centre for fraud and cybercrime.

A new Monero cryptojacking malware distributed via "Cracked" versions of popular online games is wiping out antivirus programs and surreptitiously mining cryptocurrency in more than a dozen countries, researchers have found. Dubbed "Crackonosh," the malware - which has been active since June 2018 - lurks in pirated versions of Grand Theft Auto V, NBA 2K19 and Pro Evolution Soccer 2018 that gamers can download free in forums, according to a report posted online Thursday by researchers at Avast.

At the latest Group of Seven summit, held June 11-13 in the UK, Western leaders called on Russia to take action against those who conduct ransomware attacks and other cybercrimes from within its borders. In a communiqué issued after the conclusion of the summit, G7 countries vowed to work together to "Further a common understanding of how existing international law applies to cyberspace" and collaborate to "Urgently address the escalating shared threat from criminal ransomware networks."

As more private data is stored and shared digitally, researchers are exploring new ways to protect data against attacks from bad actors. Current silicon technology exploits microscopic differences between computing components to create secure keys, but AI techniques can be used to predict these keys and gain access to data.

The United States' Department of Defense has opened up all of its publicly facing systems and apps to investigation under a bug bounty program. The bug bounty system had only been aimed at websites but now Kristopher Johnson, director of its Vulnerability Disclosure Program, has said "Websites were only the beginning as they account for a fraction of our overall attack surface" and urged the infosec community to take a wider view.

A duo in China has been accused of tricking a government-run identity verification system to create fake invoices. According to state-controlled outlet Xinhua, the suspects tricked the State Taxation Administration platform's identity verification system by manipulating high-def photos with a widely available app that turns photos into videos.

Brewing company Molson Coors acknowledged on Thursday that it has "Experienced a systems outage that was caused by a cybersecurity incident," according to a Form 8-K filed with the SEC. The company did not say which type of attack has caused widespread issues across its entire business - including its brewery operations, production and shipments - but given recent major attacks on other mainstream companies, security experts are speculating that it could have been a ransomware attack. "High-profile attacks are becoming all too common, as attackers have realized they are immensely more profitable when they target large organizations and disrupt their critical business operations - in this case, the brewing operations of the world's biggest, well-known beer brands," observed Edgard Capdevielle, CEO at Nozomi Networks, in an email to Threatpost.

A series of police raids in Belgium have resulted in the apparent shutdown of the Sky ECC encrypted mobile phone network. As the second major encrypted phone network to be shut down by police in Europe, Sky ECC's seeming downfall has parallels with the Encrochat story, where French and Dutch police man-in-the-middle'd the encrypted phone network on suspicion it was being used mainly by organised criminals.